summaryrefslogtreecommitdiff
path: root/main/src
diff options
context:
space:
mode:
authorArne Schwabe <arne@rfc2549.org>2023-06-06 17:13:35 +0200
committerArne Schwabe <arne@rfc2549.org>2023-06-06 17:18:28 +0200
commit242b90fa52ccb863c3ea001fa4e7ce5a21939a0b (patch)
tree4d3deb4564888d3608f9976ac3c60168c0901b5e /main/src
parent4e5bfa766c51584457c292985de0f29dd8270503 (diff)
COrrectly fall back to no encryption if there is an erro with encryption
Diffstat (limited to 'main/src')
-rw-r--r--main/src/main/java/de/blinkt/openvpn/core/LogItem.java7
-rw-r--r--main/src/main/java/de/blinkt/openvpn/core/ProfileManager.java6
-rw-r--r--main/src/skeleton/java/de/blinkt/openvpn/core/ProfileEncryption.java2
-rw-r--r--main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt20
4 files changed, 21 insertions, 14 deletions
diff --git a/main/src/main/java/de/blinkt/openvpn/core/LogItem.java b/main/src/main/java/de/blinkt/openvpn/core/LogItem.java
index b6f51928..65714c43 100644
--- a/main/src/main/java/de/blinkt/openvpn/core/LogItem.java
+++ b/main/src/main/java/de/blinkt/openvpn/core/LogItem.java
@@ -29,6 +29,7 @@ import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.FormatFlagsConversionMismatchException;
import java.util.Locale;
+import java.util.MissingFormatArgumentException;
import java.util.UnknownFormatConversionException;
import java.util.Vector;
@@ -273,7 +274,11 @@ public class LogItem implements Parcelable {
if (mArgs == null)
return c.getString(mRessourceId);
else
- return c.getString(mRessourceId, mArgs);
+ try {
+ return c.getString(mRessourceId, mArgs);
+ } catch (MissingFormatArgumentException ie) {
+ return "ERROR MISSING ARGUMENT(" + ie.getMessage() + "): " + getString(null);
+ }
} catch (Resources.NotFoundException re) {
return getString(null);
}
diff --git a/main/src/main/java/de/blinkt/openvpn/core/ProfileManager.java b/main/src/main/java/de/blinkt/openvpn/core/ProfileManager.java
index 1f12c2fa..9d59e26b 100644
--- a/main/src/main/java/de/blinkt/openvpn/core/ProfileManager.java
+++ b/main/src/main/java/de/blinkt/openvpn/core/ProfileManager.java
@@ -54,7 +54,7 @@ public class ProfileManager {
private synchronized static void checkInstance(Context context) {
if (instance == null) {
instance = new ProfileManager();
- ProfileEncryption.initMasterCryptAlias();
+ ProfileEncryption.initMasterCryptAlias(context);
instance.loadVPNList(context);
}
}
@@ -146,7 +146,7 @@ public class ProfileManager {
if (encryptedFileOld.exists()) {
encryptedFileOld.delete();
}
- } catch (IOException ioe)
+ } catch (IOException | GeneralSecurityException ioe)
{
VpnStatus.logException(VpnStatus.LogLevel.INFO, "Error trying to write an encrypted VPN profile, disabling " +
"encryption", ioe);
@@ -174,7 +174,7 @@ public class ProfileManager {
}
- } catch (IOException | GeneralSecurityException e) {
+ } catch (IOException e) {
VpnStatus.logException("saving VPN profile", e);
throw new RuntimeException(e);
}
diff --git a/main/src/skeleton/java/de/blinkt/openvpn/core/ProfileEncryption.java b/main/src/skeleton/java/de/blinkt/openvpn/core/ProfileEncryption.java
index c526a69f..1f5651ab 100644
--- a/main/src/skeleton/java/de/blinkt/openvpn/core/ProfileEncryption.java
+++ b/main/src/skeleton/java/de/blinkt/openvpn/core/ProfileEncryption.java
@@ -15,7 +15,7 @@ import java.security.GeneralSecurityException;
/* Dummy class that supports no encryption */
class ProfileEncryption {
- static void initMasterCryptAlias()
+ static void initMasterCryptAlias(Context context)
{
}
diff --git a/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt b/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt
index ad22460f..fa61e733 100644
--- a/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt
+++ b/main/src/ui/java/de/blinkt/openvpn/core/ProfileEncryption.kt
@@ -7,7 +7,7 @@ package de.blinkt.openvpn.core
import android.content.Context
import android.os.Build
import androidx.security.crypto.EncryptedFile
-import androidx.security.crypto.MasterKeys
+import androidx.security.crypto.MasterKey
import java.io.File
import java.io.FileInputStream
import java.io.FileOutputStream
@@ -19,16 +19,18 @@ internal class ProfileEncryption {
companion object {
@JvmStatic
fun encryptionEnabled(): Boolean {
- return mMasterKeyAlias != null
+ return mMasterKey != null
}
- private var mMasterKeyAlias: String? = null
+ private var mMasterKey: MasterKey? = null
@JvmStatic
- fun initMasterCryptAlias() {
+ fun initMasterCryptAlias(context:Context) {
if (Build.VERSION.SDK_INT < Build.VERSION_CODES.M)
return
try {
- mMasterKeyAlias = MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC)
+ mMasterKey = MasterKey.Builder(context)
+ .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)
+ .build()
} catch (e: GeneralSecurityException) {
VpnStatus.logException("Could not initialise file encryption key.", e)
} catch (e: IOException) {
@@ -40,9 +42,9 @@ internal class ProfileEncryption {
@Throws(GeneralSecurityException::class, IOException::class)
fun getEncryptedVpInput(context: Context, file: File): FileInputStream {
val encryptedFile = EncryptedFile.Builder(
- file,
context,
- mMasterKeyAlias!!,
+ file,
+ mMasterKey!!,
EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB
).build()
return encryptedFile.openFileInput()
@@ -52,9 +54,9 @@ internal class ProfileEncryption {
@Throws(GeneralSecurityException::class, IOException::class)
fun getEncryptedVpOutput(context: Context, file: File): FileOutputStream {
val encryptedFile = EncryptedFile.Builder(
- file,
context,
- mMasterKeyAlias!!,
+ file,
+ mMasterKey!!,
EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB
).build()
return encryptedFile.openFileOutput()